The invention relates to a method for the operation of a neuroprosthesis and to a device therefor.
In the context of the present patent application, neuroprostheses are understood as meaning devices for use in contact or active connection (unidirectional or bidirectional influencing through release of active ingredients) with the central nervous system inside the skull, the spinal cord (or peripheral nerves connected to the spinal cord) and also optical prostheses or hearing prostheses with an implanted internal component and a non-implanted external component.
Several known neuroprostheses for the treatment of inter alia functional disorders of the vision system, the hearing system, the intracranial nerve system, the vegetative nerve system, the spinal cord or the peripheral nervous system have an implanted component in contact with nerve tissue in which data transmission is provided between an external and the internal implanted component for the purposes of operation, of functional monitoring or of function determination (see for example WO 98/36793, WO 98/36795 and U.S. Pat. No. 6,002,996).
Several systems have been disclosed for protected data transmission between mutually remote components by inter alia mobile radio, satellite communication or in local computer networks or the Internet in for example telebanking, private car theft protection or telesurgery (see for example DE 2618401, U.S. Pat. No. 5,646,456, U.S. Pat. No. 5,734,330, U.S. Pat. No. 5,940,515, U.S. Pat. No. 5,930,362, U.S. Pat. No. 5,963,621, U.S. Pat. No. 5,940,799, DE 19630920 and EP 0946018).
Known implants for inter alia personal identification or animal tracking location are in signal connection with an external component without contact to nerve tissue (see for example U.S. Pat. No. 4,399,821, U.S. Pat. No. 4,909,250, U.S. Pat. No. 5,855,609, WO 97/00708, EP 0896828 A2 and WO 98/29160).
Implants as heart pacemakers whose operating state can be checked and/or altered by means of an external component are known (see for example in U.S. Pat. No. 4,361,153, DE 2944542, U.S. Pat. No. 5,871,451 and U.S. Pat. No. 5,891,178).
There are known encrypting and decrypting devices and methods for avoiding unauthorized access to digital or analogue data transmissions inter alia in industrial or medical-engineering fields of application (see for example U.S. Pat. No. 4,766,516, U.S. Pat. No. 5,365,225, U.S. Pat. No. 5,696,825, U.S. Pat. No. 5,987,440 and WO 98/10836).
Available neuroprostheses or neuroimplants (eg a cochlear implant for deaf people or a retina implant with learning capability for blind people with retina degeneration) do not have an access control that makes access to data and operation dependent on a specific authorization. In principle, the external components specially adjusted for a given implant wearer can be exchanged or mixed up and thus result in appreciable and possibly harmful functional disturbances in the industrial and/or biomedical field.
Furthermore, personal data requiring protection and/or implant data can be retrieved and/or altered without authorization to the detriment of the implant wearer and/or of the implant producer/operator.
A communication connection between the implanted component permanently connected to the implant wearer and an essentially exchangeable external component is typically set up for neuroprosthesis operation without prior attention having been paid to protection against unauthorized data access, etc. Therefore the basic risk of misuse or of an unintenional incorrect operation is significant.
It is therefore an object of the present invention to eliminate these disadvantages and to disclose a neuroimplant protection system (NIS) that prevents unauthorized access.
Thus viewed from one aspect the present invention provides a method for operating a neuroprosthesis in the central nervous system within the skull, the spinal cord or peripheral nerves connected to the spinal cord, or a vision prosthesis or hearing prosthesis, the neuroprosthesis comprising an implanted internal component and a non-implanted external component, a wireless data transmission being provided between the internal component and the external component, wherein some or all of the data are transmitted only if an authorization signal transmitted by the external component to the internal component has been tested and accepted. Because data transfer or operation of the neuroprosthesis can take place only after authorization with the aid of the implanted component, numerous conceivable types of operational misuse may be prevented.
The preferred embodiments of the authorization procedure are based on essential functional features of the implanted component that cannot be discovered, copied or simulated in the implanted state.
Since the authorization procedure requires the interaction of the implanted component with the external component, data stored in protected form in the internal, the external and (optionally) a further internal component can include not only data for the purpose of the neuroprosthesis but also (for example) economically or legally important personal data.
The construction and authorization system of a neuroprosthesis designed in this way prevents the copying of the individual components.
The neuroimplant protection system (NIS) of the invention provides a neuroprostheses expanded or additionally equipped with a number of important advantages over known neuroprostheses without NIS. This substantially increases the operational security and the acceptance of neuroprostheses in relation to inter alia data protection and protection against operating faults. For the first time, the present invention provides a system that prevents operational misuse by coupling the implanted component to external components not specifically assigned. This ensures for the first time that the implant wearer is protected against functional injury owing to the use of wrong components.
The present invention makes it possible for the first time to prevent unauthorized access to data and function determination of the implanted components for neuroprostheses equipped with NIS.
Furthermore the present invention makes it possible for the first time to prevent unauthorized access to data transmission between external and implanted components. As a result, the personal data protection of the implant wearer (which in the case of conventional treatment methods is protected by inter alia the attendant doctor""s duty of confidentiality) is secured permanently for the first time in relation to the neuroprosthesis operation.
In addition, the present invention can prevent the unauthorized access to important functional properties of the neuroprosthesis. This prevents the unauthorized imitation (reverse engineering) of components of the neuroprostheses because (on the one hand) important functional properties are lacking for the unauthorized imitation and (on the other hand) such unauthorized imitation components cannot be operated with the remaining components because of lack of compatibility and lack of authorization of the component communication.